Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

alphadogg writes "U.S. cellphone carriers were offered a technology last year that supporters say would dramatically cut incidents of smartphone theft, but the carriers turned it down, according to sources with knowledge of the proposal. The so-called 'kill-switch' software allows consumers to remotely wipe and render their phones useless if stolen. Law enforcement and politicians believe the incentive for stealing a smartphone or tablet would be greatly reduced if the technology became standard, because the devices could quickly be rendered useless. A proposal by Samsung to the five largest U.S. carriers would have made the LoJack software, developed by Canada's Absolute Software, a standard component on many of its Android phones in the U.S. The proposal followed pressure from the offices of the San Francisco District Attorney and the New York Attorney General for the industry to do more to prevent phone theft."

I like how every time a new piece of technology comes up with integration into devices we have (phones, cars, toasters), the immediate response on/. is always "But what about the hackers!" as if there's a group of malicious hackers just waiting for the technology to appear so they could exploit it. There are plenty of vulnerable technologies out today (SCADA systems for one) but hackers aren't so interested in disrupting these systems because they're pure evil. Most systems get hacked because there's som

Am thinking a killswitch, accessible en-mass via a carrier would make an interesting target for hackers - being able to inform a party that they have 72hrs to pay a sum money to a russian account, or have 10.000 customer-phones wiped.......gotta be someone out there ready to try this.

Since I have small children that don't all understand that repeatedly entering a bad pin will erase my phone, I back up my iPhone & iPad to iTunes every night (and do not use iCloud.) All I have to do is plug it in and do a complete restore. If people don't back up their phones, whatever happens to them is their own fault. If someone wants to remote erase my device, I say "Bring it on."

It's not remote-erase that we're talking about. It's remote-brick. Make it useless. Of course there will always be a market for second-hand screens, but the primary value is the motherboard, which if it becomes worthless makes it less likely that they will steal your phone in the first place.

the immediate response on/. is always "But what about the hackers!" as if there's a group of malicious hackers just waiting for the technology to appear so they could exploit it

That would be because there IS a group of malicious people looking to exploit technology, some of them merely because they can. The topic gets brought up because it usually is insufficiently considered in the beginning. If something can be exploited you can be pretty sure that sooner or later it will be exploited.

. Most systems get hacked because there's some profit to be made out of it or someone is trying to put a message out there.

You think there is no profit to be made in wiping people's cell phones? Ever hear of blackmail? How about terrorism? Think there is no profit to be made in selling technology to mass kill cell phones to terrorist groups who might want to cause problems? There is profit to be made in exploits if you really think about it hard enough.

But we shouldn't let our fear of these people stop us from trying new technologies. It's possible to take counter measures to prevent the evil hackers getting in while still enjoying the benefits of it.

You think there is no profit to be made in wiping people's cell phones? Ever hear of blackmail? How about terrorism? Think there is no profit to be made in selling technology to mass kill cell phones to terrorist groups who might want to cause problems? There is profit to be made in exploits if you really think about it hard enough.

I was referring to the parent post who said "deactivates and wipes EVERY PHONE", which would not be very useful. There are much softer targets already for people looking to cause mayhem, and even terrorists use cellphones.

How much profit do you suppose could be had with the ability to remotely disable the brakes/max the throttle on a car? I hear there's good money in cutting people's brake cables if you have the right connections. I'm sure there's similar profit to be had in remote arson (toasters) and bugging the phones of "the competition". Am *I* likely to be the target of such things? Probably not. But there's a lot of powerful people who could indirectly make my life more difficult as a side effect of either giving

This is device kill switch just a more targeted version of the Internet Killswitch. What, you think they aren't planning on needing such device killing tech? Because that's what the Pentagon says. [theguardian.com]

This is just the first step. The next step will be to not allow the device to function unless it pings government approved systems and authenticates with your valid citizen ID. They'll turn the blacklist into a whitelist. Black boxes are mandeded into cars already, and Intel has demonstrated their capability for remote wireless PC kill switches too.

Every time they say: "Trust us, this is good for you", or "It stops Terrorism!" or "It' stops Theft" or "Think of the Children" your red flag should go up. Another red flag? The bill proposed in California would make this Mandatory. That's not Capitalism. We should let the people decide if they want this feature in their hardware. Mandatory is a huge red flag.

...but hackers aren't so interested in disrupting these systems because they're pure evil. Most systems get hacked because there's some profit to be made out of it or someone is trying to put a message out there.

Or, systems get hacked just for the lulz. And you'd better believe there's individuals out there who would get a real hard on by vandalising cell phones/networks.

There are, theoretically, quite secure ways of implementing this... although I would not be surprised if nobody bothers.

One mechanism that most immediately occurs to me would be that a device with a remote-brick feature would have a password, created and assigned by the user of the device, which would not get reset by wiping the firmware or installing a new sim card. To brick a device would require transmitting not only the unique code that physically identifies that particular piece of hardware, but also the password that is supposed to be associated with it. The physical device, if it received an intent-to-brick signal that was actually intended for it, would compare the pasword in the signal to that which was set for the device, and if they matched, the device would be bricked at a level that is irrevocable. The phone could only be used to call 911, and that's it. Legitimately selling a phone would require the user to reset that password to a default state... but doing that, in turn, would require that the old password be entered first.

The biggest oversight in your suggestion here is how such security would hinder the government from issuing the kill orders without the users' consent.

You DO REALIZE this is the most logical motivation for this legislation, right? Enabling the government to silence their targets digitally prior to doing so physically? Why else would the Federal government even remotely care if this existed? Is the FBI investigating cell theft now?

I wasn't suggesting that the mechanisms above would ever be legislated by the government, but there's no theoretical reason that current device manufacturers could not implement a mechanism that did what I described... potentially negating much of the marketability of any device that was stolen, since an authorized owner may still be able render it useless in anyone else's hands.

And if the government did legislate a kill switch, they would need to explicitly say in the law that agents acting on behalf of

One mechanism that most immediately occurs to me would be that a device with a remote-brick feature would have a password, created and assigned by the user of the device, which would not get reset by wiping the firmware or installing a new sim card.

People are demonstrably TERRIBLE at remembering passwords. I know people who have to look up passwords for things they use daily.

People are demonstrably TERRIBLE at remembering passwords. I know people who have to look up passwords for things they use daily.

Then don't have a password at all.

Have another device, say a cheap small write-once USB flash drive stick with a PGP Private key on it sold with every device.You keep this at home under your mattress, or in your safe, or at your mom's house.Its only used to wipe or nuke the phone.

We can argue how that private key gets there as a separate issue. Do you put it there, or does the carrier, or the manufacturer?

Given that the manufacturer (and perhaps the government) can and probably will have a backdoor anyway,

The point of the mechanism that I suggested is to put the responsibility of final control of the device into the hands of the authorized owner of the device. If the owner of the device is not actually competent enough to exercise that control in a useful manner, that's not really the fault of the mechanism itsef. Either way, it's nothing that a would-be thief has any control over.

I suspect people would promptly learn to not use the default password when their phone gets shut down without their consent.

But hey... maybe have the ability to unbrick it by entering the current password into the device would be a way for the user to get their device back... and if somebody else really had done this without their consent, they should know that they need to change their password right after unbricking it, since it was hacked. The password should not be possible to change remotely.

However, they should be required to participate in blacklisting phones reported as missing or stolen. At a minimum, it should be a national registry. Preferably, it should be international.

I have seen a number of Verizon branded phones on Craigslist that have been supposedly reflashed for use with Cricket. I wonder how many of those phones have unclean serials. Same goes for AT&T branded phones for use with Rogers.

Kindles come with a kill switch, at least they used to, and it caused no end of headaches to the second-hand market. You could (with some difficulty) verify that the device hadn't been reported stolen before buying it, immediately link it to your own Amazon account (after flashing it to stock firmware of course), and *still* get surprised several weeks later when your device suddenly bricked itself after the previous owner reported it stolen. Granted a lot of that came down to implementation details, but I

... until someone hacks into a carriers network, and deactivates and wipes EVERY PHONE on the carriers registry.

Not going to happen for two reasons.

1. There are multiple HLR's (Home Location Registers) in almost every carrier's network. This is where the subscriber information is kept and they are fully redundant (i.e. have multiple copies in the network). In order to kill everybody in a carrier's network, you are going to have to disrupt multiple HLR's and all of the redundancy built into the network.

2. The configuration interface of an HLR is very isolated and allowed transactions are limited to a single handset at a time. There is no way to bulk erase the database from the public interface of the HLR, you are going to have to get access INSIDE of the HLR. Trying to disrupt a network one handset at a time will take a LONG time and I'd bet they'd figure out what was happening and shut down the public HLR interface before you get very far.

But even if you did manage to break into multiple HLR's and their redundant backups and bulk erase their subscriber data, you have the problem of the VLR (Visitor Location Register) which is what the network *actually* uses when dealing with your handset. The local MSC (Mobil Switch Center) which runs the cell your phone is in only consults the HLR when it first sees your handset or you receive a call, loads the data from the HLR into the VLR. MSC's usually cover fairly large geographic areas, so even if the HLR's are trashed, most people's handsets will still work great for making calls. Receiving calls and voice mail might be more of an issue but how do you know you didn't receive a call or a voice mail didn't get collected?

Then there is the problem with backups. You KNOW that they keep backups of the HLR data. I've seen an HLR that used Oracle as it's back end. They kept *hourly* snapshots to disk and *daily* complete backups. Plus they copied off the transaction logs as soon as they where written by Oracle. If you managed to corrupt their on disk data in the HLR, they could get the HLR restored to within an hour of your attack in less than an hour, then recover the HLR to exactly what it should be by inspecting the transaction logs and just taking out the bogus deletes. It would be a pain, but the bulk of the disruption would be short lived.

You're looking at the wrong level. The proposal was for software embedded in the phone (not the HLR) so that it would brick if it received the right command. So no need to corrupt the HLR at all, just send the brick yourself command to the phones.

You're looking at the wrong level. The proposal was for software embedded in the phone (not the HLR) so that it would brick if it received the right command. So no need to corrupt the HLR at all, just send the brick yourself command to the phones.

This.

Why do all that work, just tell the phone to do the work for you! If this gets implemented, that is...

You're looking at the wrong level. The proposal was for software embedded in the phone (not the HLR) so that it would brick if it received the right command. So no need to corrupt the HLR at all, just send the brick yourself command to the phones.

This.

Why do all that work, just tell the phone to do the work for you! If this gets implemented, that is...

I don't think that is what they where discussing. I thought it was about banning the ESN at the carrier level. This would effectively render the handset unserviceable by any carrier that refused to service the ESN. No need to put software on the phone.

You're looking at the wrong level. The proposal was for software embedded in the phone (not the HLR) so that it would brick if it received the right command. So no need to corrupt the HLR at all, just send the brick yourself command to the phones.

This.

Why do all that work, just tell the phone to do the work for you! If this gets implemented, that is...

I don't think that is what they where discussing. I thought it was about banning the ESN at the carrier level. This would effectively render the handset unserviceable by any carrier that refused to service the ESN. No need to put software on the phone.

Nope.

FTFA:

A proposal by Samsung to the five largest U.S. carriers would have made the LoJack software, developed by Canada's Absolute Software, a standard component on many of its Android phones in the U.S....To work, the LoJack system requires two components. The first is code buried with the phone's firmware that ensures it remains active even if the operating system is reinstalled. The second is a desktop app through which users control the software.

To be sure, there certainly are many, many ways to break an egg, but this article is specifically talking about device-resident code that would take care of bricking the phone for you...no need to mess with HLR's. One-stop shopping, as it were:)

You're looking at the wrong level. The proposal was for software embedded in the phone (not the HLR) so that it would brick if it received the right command. So no need to corrupt the HLR at all, just send the brick yourself command to the phones.

I was responding to the previous post.

... until someone hacks into a carriers network, and deactivates and wipes EVERY PHONE on the carriers registry.

This registry in the carrier's network is the HLR infrastructure. Nothing else fits the description the previous author was discussing. Now if the previous author was at the wrong level, take it up with them.

On an aside.. I thought the original article discussion was about banning handsets by ESN. All that is required to do this is to have a centralized ESN registry of stolen handsets and an agreement from carriers to refuse service to stolen ESN's. It wold be more effective than software on the phone, mainly because it works with ALL handsets, regardless of their type and cannot be undone by anything short of changing the ESN, which is not generally something just anybody can do beyond the manufacturer.

Yup. The carriers already HAVE an effective killswitch: A database of IMEIs reported as stolen which the network can (and DOES) blacklist. (I know for a fact that AT&T does blacklisting as Samsung devices change to a "default" test IMEI if their EFS partition is corrupted - this IMEI is blacklisted by AT&T.)

If users want something more than that they have plenty of options available to them at their own risk.

Pretty much, that's what I'd be worried about, and I actually run Cerberus, which provides exactly this type of functionality. Maybe carriers should be required to provide information about other companies that provide these types of service, which would solve the problem without locking an entire industry into a single solution which is easier to break.

Even if they don't pay it is of no loss to the carrier since they do not have the subsidy. If one buys a new iPhone 5S and has it stolen after two or three billing cycles and stops paying their bill the carrier loses out on that subsidy. If one steals a brand new iPhone 5S and stops paying after two or three billing cycles the carrier is out nothing and in most cases made great profit since no part of the bill was subsidy (also most prepaids can't accept stolen devices as easy as paid providers who control

To use a car analogy, demanding carriers implement a kill switch would be like demanding SUNOCO keep a registry of stolen vehicles and verify license plates at all their filling stations before selling anyone gas. Not that most US cellular operators don't deserve to be spend to 'that special hell', its still not fair to burden them with problems which are not their own.

You are responsible for your own property. If you can't hold on to your phone buy some theft insurance for it. As others have stated there is a huge risk to consumers posed by remote wipe and kill switch technology. What happens when your angry girlfirend falsely reports your phone stolen? What happens if the carrier's network get breached and someone sends the kill commands to all devices. What if its just a leak like Verizon's text portal awhile back and someone just spams the system with tons of false reports?

These guys don't have the track record to properly manage this kind of power. They also don't have any moral obligation to you in the first place.

If SUNOCO regularly bundled cars with their gas, it might be a better analogy. They seem rather intent on customizing the phones they sell by loading crapware and putting their logos on them, so it's not an unreasonable burden.

That said, I would prefer the technology to be FOSS, audited by multiple governments and NGOs that are not on friendly terms, and have the keys or other authentication used be privately held by default.

The quality of his analogy isn't really that relevant. The fact is, he's right.... The way theft is handled with just about every other piece of consumer electronics gear you can think of is to make the OWNER responsible for its safe-keeping. If it's stolen, you can potentially make an insurance claim, and certainly you can file a police report. But giving a third party (such as the cellular carrier) the ability to issue remote wipes? That's just asking for a slew of lawsuits against carriers for improp

I think the merit lies more in that smartphones have a lower risk-to-reward ratio since they are small and easy to steal, while being worth a lot on the black market. Technology provides a decent means to deter theft because without that reward, it doesn't matter much how easy phones are to steal.

Large-scale theft is a drain on consumers (cost of replacement or insurance costs) as well as society (cost of policing all the thefts), so government is going to get involved.

What happens when your angry girlfirend falsely reports your phone stolen? What happens if the carrier's network get breached and someone sends the kill commands to all devices. What if its just a leak like Verizon's text portal awhile back and someone just spams the system with tons of false reports?

Ther most obvious way to circumvent all of these is if the kill command requires a password that was created by the user of the device... and the password does not get reset by doing things like changing the si

The point behind what I was suggesting is to put the control of their device into the hands of a legitimate user. If the user is not competent enough to remember what they need in order to actually enforce that control, that's their own fault.... but either way, it's still not something a thief or a person who may want to try to brick somebody else's phone has any direct control over.

No, a gas station doesn't have a "nexus" to ownership of cars; cell carriers do have that nexus. It would be more like asking Avis to remotely disable a car they rented which was just used in a bank robbery. Is that a good idea or not? Maybe, I don't know, but it's not really similar to a gas station.

If I'm a carrier, why would I NOT want to sell service to whomever stole your phone?

Since the carriers have no culpability in the theft of your device, the legal fiduciary obligation to the shareholders trumps any perceived moral obligation to you.

But they WILL refuse to service a phone that is on a delinquent account. That's what BAD ESN means. If they think you still owe them money on the "contract" you can bet they will refuse to allow the phone to be used on their network.

... given what we now know, do we trust that the government wouldn't abuse this system and kill phones for other reasons? Do we trust that media companies won't kill phones it decided were sharing copyrighted materials? Do we trust that phone companies won't kill phones from delinquent customers? What might have been a straightforward security system becomes a dangerous tool of control, when you don't trust those in power.

And this, ultimately, is the problem with those who keep repeating that we should just trust the government. It implies we should also disengage our brains.

"The Government", carriers and the manufacture can shut them down right now.They don't because that would be terrible for a number of reasons.And why shouldn't people who have not been paying there bill have their service turned off*?

The media companies is a strawman or fear mongering, I can't tell which.

oh, speaking of strawman arguments:", is the problem with those who keep repeating that we should just trust the government"really?"And this, ultimately, is th

Maybe you're trolling here and I'm taking the bait, but in case you really believe what you wrote, here goes...

"The Government", carriers and the manufacture can shut them down right now. They don't because that would be terrible for a number of reasons.

Although carriers can effectively turn off your phone service, and can possibly even brick your phone if you haven't rooted it and disabled automatic OTA updates, they can't currently wipe it clean remotely. The proposed new 'service' would allow them to do that. And where there's some advertised protection against that happening, there's probably a backdoor, or at least an exploit, that can get ar

On the other hand, the constant paranoia makes people sound as if we are living in a society where people just disapear off the streets and no one asks questions because they are afraid they will be next to be abducted and never heard from again. They act like the US is some police state or that we are in constant danger. I don't commit crimes, I don't associate with known criminals, I pay my taxes, and I drive safely. And you know what? The authorities and government leave me alone. Yes, we need to guard our privacy, the NSA thing (while slightly overblown, most people think that they actually have recordings of all the calls as opposed to just records of them because of all the hype), and hold them accountable, but this laughable notion that the "gubment is out to get all of us" just takes away from the real issues and is the same reason those scared folks in the Bible Belt stock up on 100's of weapons for when they "come to get 'em". Folks watch too many movies.

Could stuff happen? Sure. The sun could also have some heretofore unknown random chemical reaction and explode instantly killing us all. But people act so paranoid that they detract from the actual atrocities that go on - being one of the only first-world countries where getting cancer can make you go bankrupt, that we rank in the double digits for things like education, and the dangers of all the chemicals we ingest, breathe, clean, and live with being absorbed into every pore that we really know nothing about the long term effects of are. But oh yeah, be scared that Obama is gonna send some henchmen to rip you out of your house in the middle of the night and block your phone off and your family will never see or hear from you again. Because that happens every day, right?

I don't commit crimes, I don't associate with known criminals, I pay my taxes, and I drive safely. And you know what? The authorities and government leave me alone.

I am going to Godwin this. I suspect lots of German Jews might have said the same thing if you'd asked them in 1932. I suspect they would have offered a different opinion in 1942. I bet lots of Japanese Americans would have had a similar evolution of opinion.

This is not the sun blowing up there is plenty of historical precedent for this even if you don't consider Nazi Germany. Its happened before it *could* I am not saying will happen again. There are obvious things that make it less likely to happen

You don't live in that kind of a society right up until the moment when you do live in that kind of a society, at which point it is rather too late to do anything to prevent it. Trust someone who lived behind the iron curtain - you don't WANT to know what society will be like if we keep heading in that direction. However small those steps are, they are not reversible.

Each stolen phone that they make the victim pay to replace or make them eat the remaining contract with no phone. that gets hooked back up to their network should gain them a fine and jail time for participating in the laundering of stolen goods.

That's exactly what's going on -- they are dragging ass because they profit, knowingly and deliberately, from participating in this cycle. Some interstate criminal conspiracy charges on executives would also be welcome.

Cellphones are not computers, they are radios with computer components, and thus are subject to different rules.

"Laptops with a built-in microphone and webcam and support for 3G/4G mobile broadband are not computers; they are radios with computer components, and thus are subject to different rules." How is my claim any less true?

This is the government wanting more intrusive access into your phone. This doesn't have a damn thing to do with theft. Android already has a "where the ****" is my phone, as well as wiping features exposed through Google's device manager service. If you want another party to have access to such functionality you can make that party administrator of your phone such as is often done when connecting your phone to your company's Exchange server.

Apple already ships remote kill software with iPhones. Why can't Samsung just do the same with Android phones it sells?

I do see value in being able to tell a carrier that a phone it stolen and they should not allow its use on a network. But remote kill, I don't see as being something that should go through a cellular provider.

There's no need for Samsung to do it -- this capability is already in every Android phone that uses Google Apps. It's enabled by default, although users can disable it. You can even disable the two things independently of each other: phone location and phone wiping.

I, for one, would absolutely object to this capability being included if I didn't know about it or I couldn't disable it. I don't want my carrier -- or anybody else -- to be able to locate my phone and disable it. The inclusion of this ability with no way to turn it off would prevent me from buying the phone.

That statement sent a chill down my spine as an iPhone user. Is there any way to disable this? I'm far, far less worried about my phone getting stolen from my pocket or house (the only two places it resides) than I am about a hacker bricking it.

That statement sent a chill down my spine as an iPhone user. Is there any way to disable this?

It's disabled by default, you have to enable "FindMyIphone" for it to work.

I'm not sure why it would "send a chill down your spine" to have the ability for you to find your phone if it was lost, which is very useful. It's not like anyone can trigger it without your iCloud account login.

I'm not sure why it would "send a chill down your spine" to have the ability for you to find your phone if it was lost, which is very useful. It's not like anyone can trigger it without your iCloud account login.

I'm not likely to ever lose my iPhone (except in my bedroom, at which resolution I'm sure its of no use), so the positive use case for the ability is nigh zero for me. I'm far more worried about hackers from somewhere random in the world deciding to to disable phones for the lulz. I'm also (in a minor, abstract way) concerned about the carrier / government interest in being able to disable phones.

However, the fact that it has to be enabled and requires an iCloud account is a relief since I'd never do eith

I'm not likely to ever lose my iPhone (except in my bedroom, at which resolution I'm sure its of no use)

It's not just location and the ability to remote wipe you get, but also to have the iPhone emit a sound on demand (which works even if you have it on silent). I've used it a few times when I've lost it somewhere in the house.

I'm far more worried about hackers from somewhere random in the world deciding to to disable phones for the lulz.

Can't you just imagine this tool when it comes to mass protests? Especially when things turn violent as they have in plenty of countries over the year. The primary way news is getting out is cell phone cameras and videos.

Wouldn't any freedom loving government just die to have access to a kill switch?

I can already imagine how many times someone will lose their phone, then remotely break it only to find it later and hassle customer service to fix it.

Putting that aside, I just can't see this kind of security being useful or reducing actual thefts very much. I can't imagine there won't be a way to disable, remove, or otherwise bypass this remote wipe in some way.

The first way is to make the device irrecoverable... utterly and completely. Customer service could no more make a bricked phone operational again than it could fix one that had been run over by a train. But the disadvantage of this is that it probably wouldn't stop customers from asking.

The second way, and probably a preferable one, is to make the bricking recoverable by the end user, who must enter a password that they chose for their phone to unbrick the device.

Do you lose your wallet all the time or do you know where it is at all times? Maybe we need a kill switch just in case someone steals your wallet, maybe a die pack or something that goes boom then we could hook it up to the phone so we have a way to send the kill signal. Maybe just don't walk around with your fancy phone in your hand putting down constantly with earphones sticking out of your head on the subway late at night.

Phones are litterally like cars.You can't sell a stolen car. So you chop up the parts since they're not IDed and sell them.

Go on Ebay, check for repair parts. LCD is 150$, camera module, ect ect are all there and can bring in a good amount of money.

Carriers already have white list phones for CDMA. I'm sure there's an equivalent to a bad esn for GSM phones. The repair parts probably already come straight from these phones. A kill switch won't fix anything not already in place, just gives more room for a

Why would anybody favor such an expensive and ineffective option (with so many shortcomings) when the carriers could just be required to keep a database of unique identifiers (don't quote me--I think they're called IMEI numbers) of phones reported stolen and simply blacklist those phones from their networks.

Then, a person can report their phone stolen and the carriers make it useless because none of them are allowed to service it while it is in the "stolen" database.

While I agree with others worried that a kill switch could be abused (by carriers / government / MPAA / RIAA / etc), I'm now wondering if it would be a handy way to counter (un)lawful search and seizure of a device by various authorities? Say you're transiting through the US and a TSA agent decides they want to confiscate (and presumably search) your smartphone. If the kill switch is easy to activate (maybe a number you call and enter a code, or via your laptop or friend's smartphone), you could wipe your device before they get the contents.

A proposal by Samsung to the five largest U.S. carriers would have made the LoJack software, developed by Canada's Absolute Software, a standard component on many of its Android phones in the U.S.

Steal phone.

Power off phone/remove battery.

Take phone home, boot into bootloader.

Install Cyanogenmod.

Only nerds do this. But when criminals find that their phones are stolen, they will resort to Google. It's think up a new way to make hundreds of dollars at a time, get a job, or figure out a quick way to get around this Lobe-Jacks software. There is no expedient to which a man will not go to avoid the labor of thinking, thus someone will think "there has got to be something online to un-kill thi

The ability to disable cell phones is already there and used in most of the rest of the world. All the carriers have to do is to ban the IMEI number of the phone when it is reported stolen and the phone can't be activated on the network. Yes, the phone isn't wiped, but it removes the primary cause of phone theft, which is selling them (since people will not be able to activate and use the stolen phone). This is used to great success almost everywhere except for the US where the carriers refuse to do it. We don't need something new, we just need the carriers to do the same thing carriers all over the world are already doing.

My guess is that carriers don't want to halt phone theft since it is a money boon for them. If someone's phone gets stolen, then they have to buy a new one from the carrier at full price, and the carriers make more money that way. If they start banning IMEI numbers and phone theft goes down, they don't get than extra money in their pocket. All the government has to do is mandate that the carriers not allow stolen phone's IMEI numbers on their network and everything takes care of itself.

These carriers have seen that it reduces theft in the rest of the world. And I mean reduce, not 'completely stop it'.So these companies know it will work and reduce the demand for phones. So why would they be against it? Oh right, money.